|
The Internet of today is awash with networking protocols, but at its core lies a handful that fundamentally keep the Internet functioning. From my perspective, there is no modern Internet without DNS, HTTP, SSL, BGP, SMTP, and NTP.
Of these most important Internet protocols, NTP (Network Time Protocol) is the likely least understood and has the least attention and support. Until very recently, it was supported (part-time) by just one person—Harlan Stenn. My own alarm bells rang after reading Cory Doctorow’s article over at Boing Boing who described the project as being marginally supported and “had lost the root passwords to the machine where the source code was maintained (so that machine hadn’t received security updates in many years), and that machine ran a proprietary source-control system that almost no one had access to, so it was very hard to contribute to”.
Just about all secure communication protocols and server synchronization processes require that they have their internal clocks set the same. NTP is the protocol that allows all this to happen.
A member of the Network Time Foundation (the fiscal sponsors of NTP) reached out to me to dispute Doctorow’s assertion that the root passwords had been lost and points out that a team have been performing security audits and testing via several methods for many years. That’s great news and helps settle some of the fears that further advancements of NTP will stall. It’s too critical for that to happen.
ICEI and CACR have gotten involved with supporting NTP and there are several related protocol advancements underway to increase security of such vital component of the Internet. NTS (Network Time Security), currently in draft version with the Internet Engineering Task Force (IETF), aims to give administrators a way to add security to NTP and promote secure time synchronization.
While there have been remarkably few exploitable vulnerabilities in NTP over the years, the recent growth of DDoS botnets (such as Mirai) utilizing NTP Reflection Attacks shone a new light on its frailties and importance.
Some relevant stories on the topic of how frail and vital NTP has become, and what’s being done to improve the situation can be found at:
• Time is Running Out for NTP
• NTP: the rebirth of ailing, failing core network infrastructure
• The internet’s core infrastructure is dangerously unsupported and could crumble (but we can save it!)
• Security updates to NTP
Editor’s Note: This post was updated to include comments from Network Time Foundation.
Sponsored byVerisign
Sponsored byCSC
Sponsored byIPv4.Global
Sponsored byRadix
Sponsored byDNIB.com
Sponsored byWhoisXML API
Sponsored byVerisign